Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/35b1df-78cf-4818-b33a-cda7fc7eb092/1/osP1PXS1Fo2ELg1jRcAaFE8oJc4.roa
File: osP1PXS1Fo2ELg1jRcAaFE8oJc4.roa (raw, json)
Hash identifier: Yvt1X/tWPPIdkns1lebt008jFWKNb5fDBZGJ2OsTey0=
Subject key identifier: A2:C3:F5:3D:74:B5:16:8D:84:2E:0D:63:45:C0:1A:14:4F:28:25:CE
Certificate issuer: /CN=d777943b341188e9cd2e93de288b33ffe041c7d2
Certificate serial: 018573B187C0CDBEB4D9A275DE5763F6BB1E
Authority key identifier: D7:77:94:3B:34:11:88:E9:CD:2E:93:DE:28:8B:33:FF:E0:41:C7:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/13eUOzQRiOnNLpPeKIsz_-BBx9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/35b1df-78cf-4818-b33a-cda7fc7eb092/1/osP1PXS1Fo2ELg1jRcAaFE8oJc4.roa
Signing time: Mon 02 Jan 2023 18:14:52 +0000
ROA not before: Mon 02 Jan 2023 18:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201077
IP address blocks: 185.86.196.0/22 maxlen: 24
2a05:bb40::/29 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:b1:87:c0:cd:be:b4:d9:a2:75:de:57:63:f6:bb:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d777943b341188e9cd2e93de288b33ffe041c7d2
Validity
Not Before: Jan 2 18:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2c3f53d74b5168d842e0d6345c01a144f2825ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d6:07:dd:d6:0c:97:9e:ee:c6:d8:98:3b:34:
90:56:6b:a6:6f:c3:2f:03:a6:28:f3:a1:6a:3b:63:
a3:83:a9:d1:2b:4c:70:ac:87:f3:02:2c:94:a1:5d:
93:4b:62:9a:9a:e1:4c:6f:f7:ae:71:c8:01:0f:6d:
db:56:88:e6:87:e1:c5:ef:48:b9:23:ae:09:24:f9:
a1:d3:c5:58:d4:0f:c1:41:9b:0e:2c:8f:f5:a2:17:
0a:33:58:df:96:ac:12:14:b4:60:f9:cb:38:9e:ee:
ae:b4:09:2a:68:14:ad:bc:de:c8:6c:09:d1:59:e3:
1c:1d:98:da:0d:54:e7:31:3a:74:ec:eb:6c:13:a5:
65:88:87:ed:bb:99:33:87:72:c9:87:53:56:c3:18:
5a:ef:6e:fa:98:b6:21:cf:77:21:4c:68:02:66:12:
3d:8e:e2:15:78:7c:5f:f9:88:92:97:61:6c:a9:de:
af:70:74:ad:ef:8b:39:df:5d:12:4f:64:06:8f:18:
14:eb:51:a4:74:0a:5e:03:97:32:a8:ac:a2:b3:2e:
f2:ad:86:45:2f:43:4a:ac:18:53:9c:60:92:86:19:
54:2a:f9:ac:7d:94:3a:f6:97:5a:7c:f6:4b:5e:3e:
e7:ba:b0:7b:65:9a:c9:d7:99:98:9d:ca:d9:b2:ff:
e7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:C3:F5:3D:74:B5:16:8D:84:2E:0D:63:45:C0:1A:14:4F:28:25:CE
X509v3 Authority Key Identifier:
keyid:D7:77:94:3B:34:11:88:E9:CD:2E:93:DE:28:8B:33:FF:E0:41:C7:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/13eUOzQRiOnNLpPeKIsz_-BBx9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/35b1df-78cf-4818-b33a-cda7fc7eb092/1/osP1PXS1Fo2ELg1jRcAaFE8oJc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/35b1df-78cf-4818-b33a-cda7fc7eb092/1/13eUOzQRiOnNLpPeKIsz_-BBx9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.196.0/22
IPv6:
2a05:bb40::/29
Signature Algorithm: sha256WithRSAEncryption
a6:99:81:35:66:f6:0d:68:94:92:28:64:2e:8e:38:87:8b:15:
3a:89:09:a9:d4:1c:f3:d1:ba:dc:41:04:f6:29:c0:39:50:cc:
92:7b:78:04:82:f0:55:2b:68:0f:bf:d2:41:31:68:dc:1b:28:
b1:86:1d:fc:14:59:d3:0d:9b:a1:3d:23:8f:c8:81:c2:1d:a8:
fc:fd:7e:1c:90:15:ed:ac:8a:16:13:4c:50:fb:c9:b6:40:35:
ee:8b:20:e3:be:83:84:5f:13:1e:a3:36:28:df:19:95:ae:f4:
a9:3a:f0:9d:40:da:0b:03:22:2d:9e:76:c4:d4:1b:fa:73:24:
dd:39:fc:10:a8:9e:a9:6f:2b:99:59:80:20:5e:a0:08:95:53:
73:4e:39:5d:73:5d:2b:3a:94:33:3f:29:8b:7d:02:94:80:d7:
c1:25:25:f0:77:6d:73:2c:7f:6e:2d:5d:b2:d5:64:20:60:32:
73:d7:f0:85:75:74:34:04:84:5c:7a:68:60:26:a6:9b:a0:ba:
c8:dc:1f:04:72:15:32:e2:bf:13:1b:13:b4:40:25:0e:90:35:
48:02:ff:06:03:84:37:ef:aa:1b:da:d0:5a:cf:5c:db:e7:5c:
f3:d0:a4:ca:98:0e:12:da:b6:db:42:05:57:ae:00:13:73:cf:
89:98:71:c5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzsYfAzb602aJ13ldj9rseMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3Nzc5NDNiMzQxMTg4ZTljZDJlOTNkZTI4OGIzM2ZmZTA0
MWM3ZDIwHhcNMjMwMTAyMTgxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmMzZjUzZDc0YjUxNjhkODQyZTBkNjM0NWMwMWExNDRmMjgyNWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdYH3dYMl57uxtiYOzSQVmumb8Mv
A6Yo86FqO2Ojg6nRK0xwrIfzAiyUoV2TS2KamuFMb/euccgBD23bVojmh+HF70i5
I64JJPmh08VY1A/BQZsOLI/1ohcKM1jflqwSFLRg+cs4nu6utAkqaBStvN7IbAnR
WeMcHZjaDVTnMTp07OtsE6VliIftu5kzh3LJh1NWwxha7276mLYhz3chTGgCZhI9
juIVeHxf+YiSl2Fsqd6vcHSt74s5310ST2QGjxgU61GkdApeA5cyqKyisy7yrYZF
L0NKrBhTnGCShhlUKvmsfZQ69pdafPZLXj7nurB7ZZrJ15mYncrZsv/nGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKLD9T10tRaNhC4NY0XAGhRPKCXOMB8GA1UdIwQY
MBaAFNd3lDs0EYjpzS6T3iiLM//gQcfSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTNlVU96UVJpT25OTHBQZUtJc3pfLUJCeDlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8zNWIxZGYtNzhjZi00ODE4LWIzM2Et
Y2RhN2ZjN2ViMDkyLzEvb3NQMVBYUzFGbzJFTGcxalJjQWFGRThvSmM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8zNWIxZGYtNzhjZi00ODE4LWIzM2EtY2RhN2ZjN2ViMDky
LzEvMTNlVU96UVJpT25OTHBQZUtJc3pfLUJCeDlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVbEMA0E
AgACMAcDBQMqBbtAMA0GCSqGSIb3DQEBCwUAA4IBAQCmmYE1ZvYNaJSSKGQujjiH
ixU6iQmp1Bzz0brcQQT2KcA5UMySe3gEgvBVK2gPv9JBMWjcGyixhh38FFnTDZuh
PSOPyIHCHaj8/X4ckBXtrIoWE0xQ+8m2QDXuiyDjvoOEXxMeozYo3xmVrvSpOvCd
QNoLAyItnnbE1Bv6cyTdOfwQqJ6pbyuZWYAgXqAIlVNzTjldc10rOpQzPymLfQKU
gNfBJSXwd21zLH9uLV2y1WQgYDJz1/CFdXQ0BIRcemhgJqaboLrI3B8EchUy4r8T
GxO0QCUOkDVIAv8GA4Q376ob2tBaz1zb51zz0KTKmA4S2rbbQgVXrgATc8+JmHHF
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:29 2024 by rpki-client on console-fra.rpki-client.org